tcool Posted December 11, 2020 ID:1426622 Share Posted December 11, 2020 Hi, I am currently downloading a game from GOG galaxy and have got numerous messages about blocking websites due to trojan. Here are the details. Thanks. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/12/2020 Protection Event Time: 09:40 Log File: da955258-3b94-11eb-82e4-e0d55ee5e38e.json -Software Information- Version: 4.2.3.96 Components Version: 1.0.1122 Update Package Version: 1.0.34199 Licence: Premium -System Information- OS: Windows 10 (Build 19041.685) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: cdn-edge-dynamic-101-waw-pl-ovh.gogcdn.net IP Address: 51.83.248.159 Port: 443 Type: Outbound File: C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/12/2020 Protection Event Time: 10:49 Log File: 84c38d9a-3b9e-11eb-a2a0-e0d55ee5e38e.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1130 Update Package Version: 1.0.34201 Licence: Premium -System Information- OS: Windows 10 (Build 19041.685) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: cdn-edge-dynamic-1074-fra-de-ovh.gogcdn.net IP Address: 54.36.117.1 Port: 443 Type: Outbound File: C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe Link to post Share on other sites More sharing options...
Staff Solution JPopovic Posted December 11, 2020 Staff Solution ID:1426623 Share Posted December 11, 2020 Hello, The block will be removed. Thank you and let us know if you need any additional help! Link to post Share on other sites More sharing options...
Bouduli Posted February 3, 2021 ID:1436436 Share Posted February 3, 2021 I've also recieved one of these false positives, got this message while GOG was doing Cloud Saving Link to post Share on other sites More sharing options...
Bouduli Posted February 3, 2021 ID:1436437 Share Posted February 3, 2021 1 minute ago, Bouduli said: I've also recieved one of these false positives, got this message while GOG was doing Cloud Saving forgot the file info... Malwarebytes www.malwarebytes.com -Logginformation- Datum för skyddshändelse: 2021-02-03 Tid för skyddshändelse: 17:43 Loggfil: e31bb366-663e-11eb-9c37-f44d30b1ae3c.json -Programvaruinformation- Version: 4.3.0.98 Komponentversion: 1.0.1157 Uppdatera paketversionen: 1.0.36667 Licens: Testversion -Systeminformation- OS: Windows 10 (Build 19041.746) CPU: x64 Filsystem: NTFS Användare: System -Information om blockerad webbplats- Skadlig webbplats: 1 , C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe, Blockerad, -1, -1, 0.0.0, , -Webbplatsdata- Kategori: Trojan Domän: cdn-edge-dynamic-1-fra-de-ovh.gogcdn.net IP-adress: 51.75.89.124 Port: 443 Typ: Utgående Fil: C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe (end) Link to post Share on other sites More sharing options...
Staff TeMerc Posted February 3, 2021 Staff ID:1436460 Share Posted February 3, 2021 1 hour ago, Bouduli said: forgot the file info... Malwarebytes www.malwarebytes.com -Logginformation- Datum för skyddshändelse: 2021-02-03 Tid för skyddshändelse: 17:43 Loggfil: e31bb366-663e-11eb-9c37-f44d30b1ae3c.json -Programvaruinformation- Version: 4.3.0.98 Komponentversion: 1.0.1157 Uppdatera paketversionen: 1.0.36667 Licens: Testversion -Systeminformation- OS: Windows 10 (Build 19041.746) CPU: x64 Filsystem: NTFS Användare: System -Information om blockerad webbplats- Skadlig webbplats: 1 , C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe, Blockerad, -1, -1, 0.0.0, , -Webbplatsdata- Kategori: Trojan Domän: cdn-edge-dynamic-1-fra-de-ovh.gogcdn.net IP-adress: 51.75.89.124 Port: 443 Typ: Utgående Fil: C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe (end) Hello, thanks for bringing this to our attention. We've reviewed the IP(not a domain block) again and have determined it no longer warrants being blocked so we've removed it from our database. Removal should be reflected in the next database update going out in a few hours or so. Link to post Share on other sites More sharing options...
Recommended Posts